Data Exfiltration

Data exfiltration is the unauthorized transfer of data from a computer or other device. Threat actors typically exfiltrate data after a breach, while malicious insiders (also known as insider threats) may also gain unauthorized access to the data. Data thieves can exfiltrate data manually if they have physical access to it or, more commonly, by using malicious software to remotely automate the process.

To prevent data exfiltration, organizations should require strong passwords and multi-factor authentication (MFA), continuously monitor outbound data transfers, enforce strict access controls, establish threat detection procedures and response strategies, encrypt sensitive data, and employ data loss prevention (DLP) technologies. Employee training to recognize social engineering and phishing attacks can also reduce the risk of data exfiltration.